Pretty Good Privacy (PGP)
Wiki ▸ 🔰 Foundations ▸ Pretty Good Privacy (PGP)
It may surprise you to learn that the same encryption technologies useful for protecting the privacy of our messages like e-mails today were generally available as early as the 1980s. In 1991, Phil Zimmerman released a set of commercial products collectively called PGP, short for Pretty Good Privacy, to the early PC market (watch this archival footage!) which set the standard for private communications for the next two decades. These days, you're more likely to hear the phrase "end-to-end encryption," but it's the same exact idea as way back then.
Unfortunately, it was not until well after the Snowden leaks in 2013 that PGP actually became popular. Today, you can use a Free Software version of the PGP suite called GnuPG (or GPG for short) that is for all intents and purposes identical to the commercial version of the same software. Moreover, a number of companies such as Keybase and ProtonMail have based their own privacy-enhancing products on the now license-free OpenPGP standard, which is more formally known as RFC 4880.
Like many other popular encryption technologies, PGP works by (metaphorically) creating a sharable digital lockbox for you along with a digital key that can be used to open the lockbox. When someone wants to send a private message to you, like an e-mail, they first download a copy of your digital lockbox, put their message inside that lockbox, lock it, and then send you the locked lockbox. Presumably, unless you have shared your digital key, only you can then open the lockbox and read the message. Obviously, if you share the key to your lockbox with someone else, or if an attacker gets a hold of your private key, they can also read messages that were locked with your digital lockbox, so it's important that your digital key remain private. The technical term for the lockbox is (confusingly!) called a public key, while the technical term for the key to your lockbox is (much more intuitively) called a private key.
One of the reasons PGP is still around and is getting more popular is because it was designed to be a generic cryptosystem capable of protecting arbitrary information, not a specific product that only protected certain kinds of stuff. Thanks to this generality, you can use any PGP-compatible software to do things like password-protect individual files, automatically encrypt e-mail messages, verify the author of particular ("signed") messages to avoid spoofing, and even devise more complex secure sharing scenarios like requiring two out of three people who hold parts of the key to agree before any one of them can unlock something, a technique called Secret sharing.
The NYC chapter of the Anarcho-Tech Collective provides technological and digital infrastructure support services to anti-fascist, anti-racist, and anti-capitalist organizations in New York City. See our Activities and events page for details. Read our Welcome guides to get involved.
We appreciate your support to help us do what we do. If you have the means, please donate BitCoin to 17ByVbkM6mf7bytqWRFwzjqradBkmVh4Tr.
Found an error in these pages? Please let us know by submitting a new issue ticket.